Re: bluetooth on FC5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Charles-Edouard Ruault wrote:
Hi All,

i've compiled and installed kdebluetooth on my Fedora ppc distro, i'm trying to get the stuff working and i'm getting the following problems related to SELinux:

When i want to browse a device which is not yet paired with the laptop i'm getting errors, because hcid is denied a few filesystem operations:

audit(1146044994.917:786): avc: denied { create } for pid=1836 comm="hcid" name="bluetooth" scontext=system_u:system_r:bluetooth_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir

I've then straced hcid and found out that it's trying to create a directory /var/lib/bluetooth and that this operation is being denied ( thus the above log ).
I've manually created the directory:
mkdir -p /var/lib/bluetooth/
and then
chcon system_u:object_r:bluetooth_var_lib_t bluetooth

and now everything's fine.
So i guess two things could be done in order to fix this :

1) allow hcid to create a dir in /var/lib ( i.e add this to the policy : allow bluetooth_t var_lib_t:dir create; ) 2) during installation of the bluetooth packages, create the /var/lib/bluetooth directory and tag it properly.

Ok i spoke too quickly, after trying to pair with my phone i got the following avc message: audit(1146046683.267:792): avc: denied { execute_no_trans } for pid=3742 comm="sh" name="kbluepin" dev=hda10 ino=1740403 scontext=user_u:system_r:bluetooth_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file

So we should also add the following to the policy:
allow bluetooth_t lib_t:file execute_no_trans;


--
Charles-Edouard Ruault
GPG key Id E4D2B80C

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux